Exploiting the human during a cyberattack is common. In fact, statistically, over seventy percent of the reported attacks in 2017, occurred due to human error. Approximately half of those successful attacks exploited the day-to-day end-user, the remainder were errors by the IT employees.

Attacking the human is successful, in part, because of human nature. Targeting the good nature, curiosity, and, eagerness of a person is simple. We want to help, we want to engage with technology.

Starting June 1, 2018, private and public entities must establish reasonable data security measures and notify those affected negatively when personal data has been compromised. Despite Alabama being last to the data breach notification parade, our law has been described among the most stringent in the nation. From my personal experiences, I agree, Alabama’s law takes into consideration third-party service providers which many states neglect. Alabama’s inclusion of “third-party agents,” that is to say, entities contracted to maintain, store, process, or otherwise permitted to access sensitive personally identifying information in connection with providing services to a covered entity, is outstanding for Alabama’s citizens – there is no hiding, passing of the proverbial buck: if you collect electronic information from your customers, you are responsible for it.

What’s the solution? Regulation? Perhaps. However, I wonder if Facebook were to simply abandon the ad-driven model and go to a paid subscription model, what would happen? The issues with fraudulent accounts would be easier to address, age verification would be simple, and, you could get to what you want: sharing without the debris field of ads and weird news feeds. But, we’ve become accustomed to “free” web content, would the account holder be willing to exchange cash for a cleaner playing field? I don’t know.

All these accounts belong to customers of an obscure American company named Devumi that has collected millions of dollars in a shadowy global marketplace for social media fraud. Devumi sells Twitter followers and retweets to celebrities, businesses and anyone who wants to appear more popular or exert influence online. Drawing on an estimated stock of at least 3.5 million automated accounts, each sold many times over, the company has provided customers with more than 200 million Twitter followers, a New York Times investigation found.